forked from microsoft/vscode-python
[Snyk] Upgrade minimatch from 5.1.0 to 5.1.6 #5
Open: organich wants to merge 41 commits into main from snyk-upgrade-a545192eaa12991d51cb02671626d675
Resolves: microsoft#23934 Updating to check field of object, since structure/type has changed when I refactored code for native REPL.
Add missing GDPR comment for new `repltype` telemetry - this ensures it will get classified correctly
In addition to first PR microsoft#23937 I've been able to repro aggressive errors of

```
2024-08-12 13:59:21.087 [error] [Error: spawn pixi ENOENT
    at ChildProcess._handle.onexit (node:internal/child_process:286:19)
    at onErrorNT (node:internal/child_process:484:16)
    at process.processTicksAndRejections (node:internal/process/task_queues:82:21)] {
  errno: -2,
  code: 'ENOENT',
  syscall: 'spawn pixi',
  path: 'pixi',
  spawnargs: [ '--version' ]
}
```

```
2024-08-12 13:59:20.794 [error] Reading directory to watch failed [Error: ENOENT: no such file or directory, scandir '/Users/anthonykim/Desktop/vscode-python/.pixi/envs'
    at Object.readdirSync (node:fs:1509:26)
    at t.readdirSync (node:electron/js2c/node_init:2:11418)
    at /Users/anthonykim/.vscode/extensions/ms-python.python-2024.13.2024080901-darwin-arm64/out/client/extension.js:2:583006
    at /Users/anthonykim/.vscode/extensions/ms-python.python-2024.13.2024080901-darwin-arm64/out/client/extension.js:2:583197
    at Array.map (<anonymous>)
    at d.initWatchers (/Users/anthonykim/.vscode/extensions/ms-python.python-2024.13.2024080901-darwin-arm64/out/client/extension.js:2:582915)
    at async d.ensureWatchersReady (/Users/anthonykim/.vscode/extensions/ms-python.python-2024.13.2024080901-darwin-arm64/out/client/extension.js:2:539326)] {
  errno: -2,
  code: 'ENOENT',
  syscall: 'scandir',
  path: '/Users/anthonykim/Desktop/vscode-python/.pixi/envs'
}
```

even when I don't have pixi in my workspace. Changing the log level on this and adding more wraps around that should give necessary hint/message when needed without crashing program.

---------

Co-authored-by: Karthik Nadig <[email protected]>
Resolves: microsoft#23743 It seems that when people have a multi-line string surrounded by """ quotes, the white spacing inside the quote is very much intentional, and so if we detect that they are in such code-block, we would rather not normalize/truncate the white spaces for that specific code block.
This is to match the latest updates we've made in pylance. See this PR: microsoft/pyrx#5590
Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 8.1.0 to 8.4.0.

Changelog (sourced from [importlib-metadata's changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst)):

v8.4.0, Features:
- Deferred import of inspect for import performance. ([#499](https://redirect.github.com/python/importlib_metadata/issues/499))

v8.3.0, Features:
- Disallow passing of 'dist' to EntryPoints.select.

v8.2.0, Features:
- Add SimplePath to `importlib_metadata.__all__`. ([#494](https://redirect.github.com/python/importlib_metadata/issues/494))

Commits:
- [`1616cb3`](https://github.com/python/importlib_metadata/commit/1616cb3a82c33c3603ff984b6ff417e68068aa6e) Finalize
- [`71b4678`](https://github.com/python/importlib_metadata/commit/71b467843258873048eb944545ba1235866523e6) Add news fragment.
- [`ebcdcfd`](https://github.com/python/importlib_metadata/commit/ebcdcfdd18d427498f11b74e245b3f8a7ef5df9c) Remove workaround for [python/typeshed#10328](https://redirect.github.com/python/typeshed/issues/10328).
- [`2c43cfe`](https://github.com/python/importlib_metadata/commit/2c43cfe7dba2902095a166c4f6226ac5f7bfb50b) Merge pull request [#499](https://redirect.github.com/python/importlib_metadata/issues/499) from danielhollas/defer-inspect
- [`a7aaf72`](https://github.com/python/importlib_metadata/commit/a7aaf72702b3a49ea3e33c9cf7f223839067c883) Use third-person imperative voice and link to issue in comment.
- [`e99c105`](https://github.com/python/importlib_metadata/commit/e99c10510d48e840b0550bd05d1167633dcfaea7) Restore single-expression logic.
- [`debb516`](https://github.com/python/importlib_metadata/commit/debb5165a88b1a4433150b265e155c21b497d154) Don't use global var
- [`3c8e1ec`](https://github.com/python/importlib_metadata/commit/3c8e1ec4e34c11dcff086be7fbd0d1981bf32480) Finalize
- [`5035755`](https://github.com/python/importlib_metadata/commit/5035755aac64a6ee902add3909f463a2bf54ee1c) Merge pull request [#498](https://redirect.github.com/python/importlib_metadata/issues/498) from python/feature/entry-points-disallow-dist-match
- [`6d9b766`](https://github.com/python/importlib_metadata/commit/6d9b766099dbac1c97a220badde7e14304e03291) Remove MetadataPathFinder regardless of its position.
- Additional commits viewable in [compare view](https://github.com/python/importlib_metadata/compare/v8.1.0...v8.4.0)

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=importlib-metadata&package-manager=pip&previous-version=8.1.0&new-version=8.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.4 to 6.5.7.

Commits:
- [`3e46a48`](https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761) 6.5.7
- [`accb61e`](https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11) lib: DER signature decoding correction
- [`03e06e1`](https://github.com/indutny/elliptic/commit/03e06e135c8e44a2da560fa197d0ba1e1e2759e9) 6.5.6
- [`7ac5360`](https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281) Merge commit from fork
- [`7570078`](https://github.com/indutny/elliptic/commit/75700785ff41bb5d029d19186beff26d4883caa5) 6.5.5
- [`206da2e`](https://github.com/indutny/elliptic/commit/206da2ee373e68466cde353f81fb59ef251b740b) lib: lint
- [`0a78e03`](https://github.com/indutny/elliptic/commit/0a78e0399ee1f5d919be6aa66b427c67a9df330d) [Fix] restore node < 4 compat
- See full diff in [compare view](https://github.com/indutny/elliptic/compare/v6.5.4...v6.5.7)

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=elliptic&package-manager=npm_and_yarn&previous-version=6.5.4&new-version=6.5.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
first step in work on microsoft#23279 --------- Co-authored-by: Karthik Nadig <[email protected]>
Co-authored-by: Karthik Nadig <[email protected]>
…24096) Reverts microsoft#23977 Have to revert microsoft#23977 with issue: microsoft#23743 due to microsoft#24069 Will revisit why microsoft#23743 is breaking if contained inside other top level (in ast term) code block, and look into how to support microsoft#23743 without breaking.
Resolves: microsoft#23929 TODO: (debt --> in separate PR) Have ensureTerminal return Promise<Terminal> instead of Promise<void> and saving this in the TerminalService class. Would avoid many uses of the !, and maybe even get to throw away the TerminalService class itself.
> `uv.lock` is a human-readable TOML file https://docs.astral.sh/uv/concepts/projects/#lockfile
Addresses microsoft#24068 - Enable proposed APIs for `codeActionAI` - Pin the engine to `1.94.0-20240913`
Resolves: microsoft#3828 Breaking microsoft#23953 down into two PRs 1. problem matcher --> make sure to cover case where there are invalid strings printed before the Error (e.g. NameError or ValueError) 2. Whether we will replace 'Run In Terminal' by contributing task with the problem matcher attached. --------- Co-authored-by: Karthik Nadig <[email protected]>
`enter` should apply to the inline chat widget if it is focused, not the parent code editor
both the repl editor and the IW can be accounted for with the new compositeNotebook context key
…ollection (microsoft#24111) Resolves: microsoft#23930 - setting to opt out of PYTHONSTARTUP injection. --------- Co-authored-by: Courtney Webster <[email protected]>
Need logging to further investigate microsoft#24123 (comment) for windows.
) From discussion in the original issue: microsoft#23930 (comment) Making default to be false for September stable, perhaps we could turn it on to true for insiders AFTER once we ship out stable. /cc @Tyriar
To better control flow of: microsoft#24141 Adding experimental tag: This way, we are able to control the default value without having to do a recovery release in the worst-case scenario.
…ft#24146) Related: https://github.com/microsoft/vscode-python/pull/24094/files#diff-0f06d935b3fbdcc3b6bb01c3987d454c6eb0c3cb0eebbd7c2a58456b0442c4a1R11 seems to be only limiting itself to be run as a test and no other. /cc @amunger
…n.enabled (microsoft#24153) Resolves: microsoft#24143 /cc @cwebster-99 @Tyriar --------- Co-authored-by: Daniel Imms <[email protected]>
Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 8.4.0 to 8.5.0.

Changelog (sourced from [importlib-metadata's changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst)):

v8.5.0, Features:
- Deferred import of zipfile.Path ([#502](https://redirect.github.com/python/importlib_metadata/issues/502))
- Deferred import of json ([#503](https://redirect.github.com/python/importlib_metadata/issues/503))
- Rely on zipp overlay for zipfile.Path.

Commits:
- [`b34810b`](https://github.com/python/importlib_metadata/commit/b34810b1e0665580a91ea19b6317a1890ecd42c1) Finalize
- [`8c1d1fa`](https://github.com/python/importlib_metadata/commit/8c1d1fa4f4e2160fef17b0bb7fef2ca276b53a99) Merge pull request [#501](https://redirect.github.com/python/importlib_metadata/issues/501) from Avasam/Pass-mypy-and-link-issues
- [`afa39e8`](https://github.com/python/importlib_metadata/commit/afa39e8e08b48fbedd3b8ac94cf58de39ff09c35) Back out changes to tests._path
- [`8b909f9`](https://github.com/python/importlib_metadata/commit/8b909f9b1cdfc056eff3acd38337661ab24ef8b3) Merge pull request [#503](https://redirect.github.com/python/importlib_metadata/issues/503) from danielhollas/defer-json
- [`2a3f50d`](https://github.com/python/importlib_metadata/commit/2a3f50d8bbd41fc831676e7dc89d84c605c85760) Add news fragment.
- [`3f78dc1`](https://github.com/python/importlib_metadata/commit/3f78dc17786e0e0290db450e843ac494af0158e9) Add comment to protect the deferred import.
- [`18eb2da`](https://github.com/python/importlib_metadata/commit/18eb2da0ee267394c1735bec5b1d9f2b0fa77dd9) Revert "Defer platform import"
- [`58832f2`](https://github.com/python/importlib_metadata/commit/58832f234ba1aea5906c4d56f4b2c4a21d640608) Merge pull request [#502](https://redirect.github.com/python/importlib_metadata/issues/502) from danielhollas/defer-zipp
- [`e3ce33b`](https://github.com/python/importlib_metadata/commit/e3ce33b45e572824b482049570cac13da543999b) Add news fragment.
- [`d11b67f`](https://github.com/python/importlib_metadata/commit/d11b67fed9f21503ca369e33c917a8038994ce0b) Add comment to protect the deferred import.
- Additional commits viewable in [compare view](https://github.com/python/importlib_metadata/compare/v8.4.0...v8.5.0)

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=importlib-metadata&package-manager=pip&previous-version=8.4.0&new-version=8.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Snyk has created this PR to upgrade minimatch from 5.1.0 to 5.1.6. See this package in npm: minimatch See this project in Snyk: https://app.snyk.io/org/organich/project/c7f19be0-2419-4a9b-9d86-e1f3e4321c43?utm_source=github&utm_medium=referral&page=upgrade-pr
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 6 versions ahead of your current version.
The recommended version was released 2 years ago.
Release notes
Package name: minimatch
5.1.4
5.1.3
5.1.2
5.1.1
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.